Skip to main content

KYC Flow Overview

The KYC process with Authenticalls consists of a few key steps that help ensure a smooth and accurate verification of customer identity. Below is a broad description of the flow:

1. Create a Session

The first step is to create a KYC session by sending a POST request to sessions/start with the required customer data in the payload. This will initiate the KYC process and return a session ID that you will use throughout the process.

Before sending the payload, ensure that the country and ID type are supported. We provide utility endpoints to check if a country or document type is valid:

  • id-documents/country-support/:country_iso – Check if a country is supported.
  • id-documents/document-types/:country – List of supported documents for a country.
  • id-documents/document-type-support – Verify if a document type is supported.

You can find detailed descriptions of these endpoints in the API reference.

2. Capture Document ID and Selfie Images

After creating the session, you will need to capture:

  • A photo of the customer’s document ID.
  • A series of 8 selfie images taken at an interval of at least 0.5 seconds to ensure the images are valid for a liveness check.

The document and selfie images should be encoded in base64 before sending them to our API.

3. Complete the KYC Process

Once you have gathered the document and selfie images, the next step is to complete the KYC process. This is done by sending a POST request to sessions/process along with the following data:

  • sessionId: (string) The session ID returned in Step 1.
  • documentImage: (string) Base64-encoded image of the customer’s ID document.
  • selfieImages: (string[]) Array of base64-encoded selfie images.
  • customerData: (object) Key-value pairs of customer information, such as:
    • firstName: "John"
    • lastName: "Doe"
    • country: "South Africa"
    • ...

The system will compare the provided customer data against the data extracted from the customer’s document ID.

If the KYC verification is successful, you will receive a validation ID. You can then check the validation result by either:

  • Using the sessions/verdict endpoint programmatically, or
  • Visiting the Authenticalls Dashboard under the Validations section.